5 configuring rsa key – CANOGA PERKINS 9175 Configuration Guide User Manual
Page 261
CanogaOS Configuration Guide
41-2
DUT#configure terminal
Enter the Configure mode.
• Specify the number of times that a client can
re-authenticate to the server. The default is 6; the
range is 1 to 6.
DUT(config)#ip ssh server authentication-type all
Configure the SSH control parameters:
• Specify the authentication type. The default is
password and public-key.
DUT(config)#ip ssh server rekey-interval 100
Configure the SSH control parameters:
• Specify the server key lifetime. The default is 60
minutes.
DUT(config)#exit
Exit the Configure mode.
Validation Commands
To display the SSH server configuration, use the show ip ssh server status privileged
EXEC command.
DUT#show ip ssh server status
SSH server enabled
Version: 1.99
Authentication timeout: 100 second(s)
Authentication retries: 3 time(s)
Server key lifetime: 100 minute(s)
Authentication type: all
41.5 Configuring RSA Key
Beginning in privileged EXEC mode, follow these steps to configure RSA key:
DUT#configure terminal
Enter the Configure mode.
DUT(config)#rsa key key_test import url
flash:/key_test.pub public ssh2
Import RSA key.
In this case, the RSA key type is public and SSH2.
DUT(config)#username user_a assign rsa key
key_test
Assign user with RSA key.
DUT(config)#exit
Exit the Confiure mode.
To delete RSA key, use the no rsa key global configuration command.
Validation Commands
To display RSA key configuration, use the show rsa keys privileged EXEC command.
DUT#show rsa keys
Current RSA key configuration:
Name Type Usage Modulus
===================================================
key_test public 0 1024
To display user configuration, use the show usernames privileged EXEC command.
DUT#show usernames
Number User name Privilege Password Rsa Key
===================================================
1 user_a 1 key_test